---
dimensions:
  type:
    primary: operational
    detail: setup
  level: intermediate
standard_title: Contributor Covenant Code of Conduct
language: en
title: Plugin Development Guidelines
description: To ensure the quality of all plugins in the Dify Marketplace and provide
  a consistent, high-quality experience for Dify Marketplace users, you must adhere
  to all requirements outlined in these Plugin Development Guidelines when submitting
  a plugin for review. By submitting a plugin, **you acknowledge that you have read,
  understood, and agree to comply with all the following terms**. Following these
  guidelines will help your plugin get reviewed faster.
---

## 1. Plugin Value and Uniqueness

- **Focus on Generative AI**: Ensure the core functionality of your plugin focuses on the Generative AI domain and provides distinct and significant value to Dify users. This may include:
  - Integrating new models, tools, or services.
  - Offering unique data sources or processing capabilities to enhance AI applications.
  - Simplifying or automating AI-related workflows on the Dify platform.
  - Providing innovative supporting functions for AI application development.

- **Avoid Functional Duplication**: Submitted plugins **must not** duplicate or closely resemble existing plugins in the Marketplace. Each published plugin must be unique and independent to ensure the best experience for users.

- **Meaningful Updates**: For plugin updates, **ensure new features or services** are introduced that are not already available in the current version.

- **PR Submission Advice**: We **recommend** including a brief explanation in your pull request to clarify why the new plugin is needed.

## 2. Plugin Functionality Checklist

- **Unique Name**: Ensure your plugin name is unique by searching the plugin directory beforehand.

- **Brand Alignment**: Plugin name must match the plugin's branding.

- **Functionality Verification**: Test the plugin thoroughly before submission and confirm it works as intended. For details, refer to [Remote Debug a Plugin](/plugin-dev-en/0411-remote-debug-a-plugin). The plugin must be production-ready.

- **README Requirements**:
  - Setup instructions and usage guidance.
  - Any necessary code, APIs, credentials, or information required to connect the plugin.
  - Do **not** include irrelevant content or links.
  - Do **not** use exaggerated, promotional language, or unverifiable claims.
  - Do **not** include advertisements of any kind (including self-promotion or display ads).
  - Do **not** include misleading, offensive, or defamatory content.
  - Do **not** expose real user names or data in screenshots.
  - Do **not** link to 404 pages or pages that return errors.
  - Avoid excessive spelling or punctuation errors.

- **User Data Use**: Use collected data only for connecting services and improving plugin functionality.

- **Error Clarity**: Mark required fields and provide clear error messages that help users understand issues.

- **Authentication Settings**: If authentication is needed, include the full configuration steps—do not omit them.

- **Privacy Policy**: Prepare a privacy policy document or online URL in accordance with the [Privacy Guidelines](/plugin-dev-en/0312-privacy-protection-guidelines).

- **Performance**: Plugins must operate efficiently and must not degrade the performance of Dify or user systems.

- **Credential Security**: API keys or other credentials must be stored and transmitted securely. Avoid hardcoding them or exposing them to unauthorized parties.


## 3. Language Requirements

- **English as Primary Language**: Since Dify Marketplace serves a global audience, **English must be the primary language** for all user-facing text (plugin names, descriptions, field names, labels, help text, error messages).

- **Multilingual Support Encouraged**: Supporting multiple languages is encouraged.


## 4. Prohibited and Restricted Plugins

- **Prohibited: Misleading or Malicious Behavior**  
  Plugins must not mislead users. Do not create plugins for spamming, phishing, or sending unsolicited messages. Attempts to deceive the review process, steal user data, or impersonate users will result in removal and possible bans from future submissions.

- **Prohibited: Offensive Content**  
  Plugins must not contain violent content, hate speech, discrimination, or disrespect toward global cultures, religions, or users.

- **Prohibited: Financial Transactions**  
  Plugins must not facilitate any financial transactions, asset transfers, or payment processing. This includes token or asset ownership transfers in blockchain/crypto applications.

- **Restricted: Plugins with Frequent Defects**  
  Thoroughly test your plugin to avoid critical bugs. Repeated submissions with defects may lead to delays or penalties.

- **Restricted: Unnecessary Plugin Splitting**  
  Do not create multiple plugins for features that share the same API and authentication unless each is clearly a standalone product or service. Prefer integrating features into one high-level plugin.

- **Restricted: Duplicate Submissions**  
  Avoid repeatedly submitting essentially identical plugins. Doing so may delay reviews or result in rejection.

## 5. Plugin Monetization

- **Dify Marketplace currently only supports **free** plugins.

- **Future Policy**: Policies for monetization and pricing models will be announced in the future.

## 6. Trademarks and Intellectual Property

- **Authorization Required**: Ensure you have rights to use any logos or trademarks submitted.

- **Verification Rights**: We may ask you to prove you have permission if third-party logos are used—especially if they clearly belong to known brands.

- **Violation Consequences**: Dify reserves the right to ask for changes or remove the plugin if unauthorized use is found. Complaints from rights holders may also result in removal.

- **Dify Logos Forbidden**: You may not use Dify's own logos.

- **Image Standards**: Do not submit low-quality, distorted, or poorly cropped images. The review team may request replacements.

- **Icon Restrictions**: Icons must not contain misleading, offensive, or malicious visuals.



## 7. Plugin Updates and Version Management

- **Responsible Updates**: Clearly communicate breaking changes in descriptions or via external channels (e.g., GitHub Release Notes).

- **Encouraged Maintenance**: Update regularly to fix bugs, match Dify platform changes, or respond to updates from third-party services—especially for security.

- **Deprecation Notice**: If discontinuing a plugin, notify users in advance (e.g., timeline and plan in the plugin description) and suggest alternatives if available.


## 8. Plugin Maintenance and Support

- **Owner Responsibility**: Plugin owners are responsible for technical support and maintenance.

- **Support Channel Required**: Owners must provide **at least one** support channel (GitHub repo or email) for feedback during review and publication.

- **Handling Unmaintained Plugins**: If a plugin lacks maintenance and the owner does not respond after reasonable notification, Dify may:
  - Add "Maintenance Lacking" or "Potential Risk" tags.
  - Restrict new installs.
  - Eventually unpublish the plugin.


## 9. Privacy and Data Compliance

- **Disclosure Required**: You **must declare** whether your plugin collects any user personal data. See the [Privacy Guidelines](/plugin-dev-en/0312-privacy-protection-guidelines).

- **Simple Data Listing**: If collecting data, briefly list types (e.g., username, email, device ID, location). No need for exhaustive detail.

- **Privacy Policy**: You **must provide** a privacy policy link stating:
  - What information is collected.
  - How it is used.
  - What is shared with third parties (with their privacy links if applicable).

- **Review Focus**:
  - **Formal Check**: Make sure you declare what data you collect.
  - **Sensitive Data Scan**: Plugins collecting sensitive data (e.g., health, finance, children's info) require additional scrutiny.
  - **Malicious Behavior Scan**: Plugins must not collect or upload user data without consent.

---

## 10. Review and Discretion

- **Right to Reject/Remove**: If requirements, privacy standards, or related policies are unmet, Dify may reject or remove your plugin. This includes abuse of the review process or data misuse.

- **Timely Review**: The Dify review team will aim to review plugins within a reasonable time, depending on volume and complexity.

- **Communication**: We may reach out through the support channel you provide—please ensure it is active.

## Related Resources

- [Basic Concepts of Plugin Development](/plugin-dev-en/0111-getting-started-dify-plugin) - Learn the basics of plugin development
- [Publishing Plugins](/plugin-dev-en/0321-release-overview) - Overview of the plugin publishing process
- [Plugin Privacy Data Protection Guide](/plugin-dev-en/0312-privacy-protection-guidelines) - Guide for writing privacy policies
- [Publish to Dify Marketplace](/plugin-dev-en/0322-release-to-dify-marketplace) - Publish plugins on the official marketplace
- [Remote Debugging Plugins](/plugin-dev-en/0411-remote-debug-a-plugin) - Plugin debugging guide

{/*
Contributing Section
DO NOT edit this section!
It will be automatically generated by the script.
*/}

---

[Edit this page](https://github.com/langgenius/dify-docs/edit/main/plugin-dev-en/0312-contributor-covenant-code-of-conduct.mdx) | [Report an issue](https://github.com/langgenius/dify-docs/issues/new?template=docs.yml)

